EXECUTIVE SUMMARY:
The Ticketfly data breach hit headlines today. Ticket sales for performance events went south late Wednesday night as Ticketfly’s website became defaced and a hacker claimed to have seized its customer database.
“Ticketfly HacKeD By IsHaKdZ,” stated the initial message, which is depicted to the right.
Ticketfly’s website was still down as of late Thursday afternoon. When it became compromised, the hacker posted an image of a Guy Fawkes mask, with the message, “Ticketfly HacKeD By IsHaKdZ,” along with “Your Security Down im Not Sorry.”
Visiting Ticketfly’s site, users discovered the following message:
Following a series of recent issues with Ticketfly properties, we’ve determined that Ticketfly has been the target of a cyber incident. Out of an abundance of caution, we have taken all Ticketfly systems temporarily offline as we continue to look into the issue. We are working to bring our systems back online as soon as possible. Please check back later.
According to Lorenzo Franceschi-Bicchierai, who reports for Motherboard, a Ticketfly representative sent back the exact same statement that appears on its site. “The company did not say whether any event tickets were stolen or otherwise compromised,” writes Franceschi-Bicchierai.
Interestingly, Motherboard and the alleged hacker exchanged emails. “The hacker claimed to have warned Ticketfly of a vulnerability that allowed them to take control of ‘all database’ for Ticketfly and its website. The hacker said they asked for 1 bitcoin to share the details of the vulnerability but did not get a reply. [Later on] the hacker shared what appears to be two emails between him and a series of Ticketfly employees in which the hacker mentions the vulnerability,” reports Franceschi-Bicchierai.
Ticketfly data breach: The evidence
As a show of evidence, the hacker referred Motherboard to a server where they say they uploaded hacked files. When Motherboard investigated, it found what appeared as personal data of Ticketfly customers and employees. Moreover, this included names, home and email addresses, and phone numbers, according to Franceschi-Bicchierai.
Initially, the hacker’s claim that they warned Ticketfly remained unconfirmed. Motherboard later reported on the personal data of six users that clearly appeared on the server. Therefore, the data breach appears to be legitimate.
For more information on the Ticketfly data breach, visit Motherboard.
*Image courtesy of Motherboard.
